Filter

go/github.com/argoproj/argo-cdArgo CD web terminal session doesn't expire

7.1
First published (updated )

go/github.com/argoproj/argo-cd/v2Cluster secret might leak in cluster details page in Argo CD

First published (updated )

Linuxfoundation Argo Continuous DeliveryDenial of Service to Argo CD repo-server

First published (updated )

Linuxfoundation Argo-cdPath traversal allows leaking out-of-bound Helm charts from Argo CD repo-server

First published (updated )

go/github.com/argoproj/argo-cd/v2/serverUnauthenticated Access to sensitive settings in Argo CD

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Linuxfoundation Argo Continuous DeliveryCross-site Scripting (XSS)

First published (updated )

Linuxfoundation Argo Continuous DeliveryArgo CD leaked secret data into error messages and logs on invalid edits via UI

First published (updated )

Linuxfoundation Argo Continuous DeliveryArgo CD leaks repository credentials in user-facing error messages and in logs

First published (updated )

go/github.com/argoproj/argo-cdArgo CD allows authenticated users to enumerate clusters by name

First published (updated )

Linuxfoundation Argo-cdExternal URLs for Deployments can include javascript in argo-cd

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Linuxfoundation Argo-cdPath traversal allows leaking out-of-bound files from Argo CD repo-server

First published (updated )

Linuxfoundation Argo-cdPath Traversal, Infoleak

7.7
First published (updated )

go/github.com/argoproj/argo-cdAs of v1.5.0, the default admin password is set to the argocd-server pod name. For insiders with acc…

8.8
First published (updated )

go/github.com/argoproj/argo-cdAs of v1.5.0, the Argo API does not implement anti-automation measures such as rate limiting, accoun…

7.5
First published (updated )

go/github.com/argoproj/argo-cd/v2Cross-Site Request Forgery (CSRF) in github.com/argoproj/argo-cd

8.4
EPSS
0.05%
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Linuxfoundation Argo-cdArgo CD users with any cluster secret update access may update out-of-bounds cluster secrets

First published (updated )

go/github.com/argoproj/argo-cdFixed in v1.5.1, Argo version v1.5.0 was vulnerable to a user-enumeration vulnerability which allowe…

First published (updated )

Linuxfoundation Argo Continuous DeliveryIn util/session/sessionmanager.go in Argo CD before 1.8.4, tokens continue to work even when the use…

First published (updated )

Linuxfoundation Argo-cdAny unprivileged user is able to deploy argocd in his namespace and with the created ServiceAccount …

First published (updated )

Linuxfoundation Argo-cdInfoleak

7.5
First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Linuxfoundation Argo-cdXSS

First published (updated )

Linuxfoundation Argo Continuous DeliveryAs of v1.5.0, the Argo web interface authentication system issued immutable tokens. Authentication t…

7.5
First published (updated )

go/github.com/argoproj/argo-cdInfoleak

First published (updated )

go/github.com/argoproj/argo-cd/v2Insecure entropy in argo-cd

8.3
First published (updated )

go/github.com/argoproj/argo-cd/v2Argo CD vulnerable to Uncontrolled Memory Consumption

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Linuxfoundation Argo-cdPath traversal and improper access control allows leaking out-of-bound files from Argo CD repo-server

7.7
First published (updated )

Linuxfoundation Argo-cdImproper access control allows admin privilege escalation in Argo CD

First published (updated )

Linuxfoundation Argo-cdSymlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server

First published (updated )

Linuxfoundation Argo-cdArgo CD login screen allows message spoofing if SSO is enabled

First published (updated )

Linuxfoundation Argo-cdArgo CD will blindly trust JWT claims if anonymous access is enabled

First published (updated )

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203